From b1c0c9d40edcf1877698afb865f46c7f498ce7d7 Mon Sep 17 00:00:00 2001
From: Jacek Kowalski <Jacek@jacekk.info>
Date: Thu, 27 Apr 2023 20:49:29 +0000
Subject: [PATCH] GitHub Actions: limit permissions of GITHUB_TOKEN

---
 src/main/java/org/keycloak/protocol/cas/CASLoginProtocolService.java |   11 +++++------
 1 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/src/main/java/org/keycloak/protocol/cas/CASLoginProtocolService.java b/src/main/java/org/keycloak/protocol/cas/CASLoginProtocolService.java
index 2448808..041303e 100644
--- a/src/main/java/org/keycloak/protocol/cas/CASLoginProtocolService.java
+++ b/src/main/java/org/keycloak/protocol/cas/CASLoginProtocolService.java
@@ -12,11 +12,9 @@
 import javax.ws.rs.core.*;
 
 public class CASLoginProtocolService {
+    private KeycloakSession session;
     private RealmModel realm;
     private EventBuilder event;
-
-    @Context
-    private KeycloakSession session;
 
     @Context
     private HttpHeaders headers;
@@ -24,8 +22,9 @@
     @Context
     private HttpRequest request;
 
-    public CASLoginProtocolService(RealmModel realm, EventBuilder event) {
-        this.realm = realm;
+    public CASLoginProtocolService(KeycloakSession session, EventBuilder event) {
+        this.session = session;
+        this.realm = session.getContext().getRealm();
         this.event = event;
     }
 
@@ -35,7 +34,7 @@
 
     @Path("login")
     public Object login() {
-        AuthorizationEndpoint endpoint = new AuthorizationEndpoint(realm, event);
+        AuthorizationEndpoint endpoint = new AuthorizationEndpoint(session, event);
         ResteasyProviderFactory.getInstance().injectProperties(endpoint);
         return endpoint;
     }

--
Gitblit v1.9.1